Describe each element of the extended IP access list configuration syntax.

What will be an ideal response?

---

To configure extended IP access lists, you must create the list and then apply it to an interface using the following syntax. A detailed explanation of each element follows the example.
access-list [list #] [permit|deny] [protocol] [source IP address] [source wildcard mask] [operator] [port] [destination IP address] [destination wildcard mask] [operator] [port] [log]
• [list #]-Extended IP access lists are represented by a number in the range of 100-199 (in IOS versions 11.2 and greater, they can also be represented by text names).
• [permit|deny]-Used to specify the nature of the access list line. It is either a permit or a deny statement.
• [protocol]-The IP protocol to be filtered can be IP (which includes all protocols in the TCP/IP suite), TCP, UDP, ICMP, or others.
• [source IP address]-The IP address of the source.
• [source wildcard mask]-A wildcard mask, or inverse mask, applied to determine which bits of the source address are significant.
• [destination IP address]-The IP address of the destination.
• [destination wildcard mask]-A wildcard mask, or inverse mask, applied to determine which bits of the destination address are significant.
• [operator]-Can contain lt (less than), gt (greater than), eq (equal to), or neq (not equal to). It is used if an extended list filters by a specific port number.
• [port]-If necessary, the port number of the protocol to be filtered. Alternatively, a service using TCP, such as www or ftp, can be specified.
• [log]-Turns on logging of access list activity.